Re: [Acme] WG last call for draft-ietf-acme-email-smime-06
Ryan Sleevi <ryan-ietf@sleevi.com> Sun, 03 May 2020 05:36 UTC
Return-Path: <ryan.sleevi@gmail.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E56C33A153C for <acme@ietfa.amsl.com>; Sat, 2 May 2020 22:36:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.399
X-Spam-Level:
X-Spam-Status: No, score=-1.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tHt4vddI17Rj for <acme@ietfa.amsl.com>; Sat, 2 May 2020 22:36:23 -0700 (PDT)
Received: from mail-ej1-f43.google.com (mail-ej1-f43.google.com [209.85.218.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B03D03A153A for <acme@ietf.org>; Sat, 2 May 2020 22:36:22 -0700 (PDT)
Received: by mail-ej1-f43.google.com with SMTP id s9so11098247eju.1 for <acme@ietf.org>; Sat, 02 May 2020 22:36:22 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=jmViazjI9nxz6oy8ooGyrJohYXm5xkffNw0Dj3wST6A=; b=DmY6XwMG28GoaQEhWvS6uCaDs18XQqmfk1x3AEM6hW3/HTQgViyq61ZNN0v2MFFlLf 8pZWvThoTNJBoJc1IbkPDfrtKcxM0YgHtcQTZc6LxhKZqcOmjTqZK6ZB+CGEPZHkawV3 j+NQlXCLZoNT5jCkHmsfw+PE0WJUSu0kwB5zfY9uVuDIoxsrgIc5RtwV1WINyNY6L6Ip amK4jNtEIhgXKPZ87KsUHeJ8yASSsvUAWtVGZrM3jaQ6cGMvWVvv95r3/H6n73euCsmM /tu98xUBlNXGQf+cF62/Ez2Wss/1YYbt4vLmk8qAh3mx+M02IwOZcQSq830B//DILAvF +3WQ==
X-Gm-Message-State: AGi0PuYOaUONsJHtCn8SFJ454DYDm3YU98nTEy3f66wQzjuarJCM6oRr OcRiCTiwcHf3ZtR22lzXFuCp4jBj
X-Google-Smtp-Source: APiQypIE5ZMmnYrT0tYXrfwUkWbCTMdq0SUq6r++FZfN82O8NqRLrc+T5gq/TW5jQ/zAVTk/lqawbA==
X-Received: by 2002:a17:906:5347:: with SMTP id j7mr8969217ejo.173.1588484180680; Sat, 02 May 2020 22:36:20 -0700 (PDT)
Received: from mail-ed1-f47.google.com (mail-ed1-f47.google.com. [209.85.208.47]) by smtp.gmail.com with ESMTPSA id v26sm914500edy.78.2020.05.02.22.36.20 for <acme@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 02 May 2020 22:36:20 -0700 (PDT)
Received: by mail-ed1-f47.google.com with SMTP id a8so10724826edv.2 for <acme@ietf.org>; Sat, 02 May 2020 22:36:20 -0700 (PDT)
X-Received: by 2002:aa7:c2ce:: with SMTP id m14mr10147931edp.305.1588484179872; Sat, 02 May 2020 22:36:19 -0700 (PDT)
MIME-Version: 1.0
References: <3703708B-4454-4AC9-87AF-961C73B1F331@akamai.com> <CAHbrMsDco31pxyBMBSdbgh5aMnttyC1G_tDTg1tz-aAzto=5dw@mail.gmail.com> <fee01750-7afb-02a7-50ee-30453805abec@isode.com> <CAHbrMsAdXvpRt2zCUn7DLNerxhZCFe4pS0TM1qzmaCUGKVYT=A@mail.gmail.com> <e188baf1-ff9f-7897-1bcb-baa94fb8ce2d@isode.com> <CAHbrMsDsW+EwGx0qzfqXn7qntB4_LqyN7jrLdkH66STeL6D02Q@mail.gmail.com>
In-Reply-To: <CAHbrMsDsW+EwGx0qzfqXn7qntB4_LqyN7jrLdkH66STeL6D02Q@mail.gmail.com>
From: Ryan Sleevi <ryan-ietf@sleevi.com>
Date: Sun, 03 May 2020 01:36:08 -0400
X-Gmail-Original-Message-ID: <CAErg=HE4_YporYSOCeT3wcah0VivH+k8gvQnfxS8w-TsKM0doQ@mail.gmail.com>
Message-ID: <CAErg=HE4_YporYSOCeT3wcah0VivH+k8gvQnfxS8w-TsKM0doQ@mail.gmail.com>
To: Ben Schwartz <bemasc=40google.com@dmarc.ietf.org>
Cc: Alexey Melnikov <alexey.melnikov@isode.com>, "Salz, Rich" <rsalz@akamai.com>, "acme@ietf.org" <acme@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000045d4a605a4b7cb8f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/x01PlFcyeaL40azeOmYhSFpUcUA>
Subject: Re: [Acme] WG last call for draft-ietf-acme-email-smime-06
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 03 May 2020 05:36:25 -0000
On Sat, May 2, 2020 at 2:11 PM Ben Schwartz <bemasc= 40google.com@dmarc.ietf.org> wrote: > > > On Sat, May 2, 2020 at 8:35 AM Alexey Melnikov <alexey.melnikov@isode.com> > wrote: > >> Hi Ben, >> On 21/04/2020 01:12, Ben Schwartz wrote: >> >> >> On Wed, Apr 1, 2020 at 5:40 AM Alexey Melnikov <alexey.melnikov@isode.com> >> wrote: >> >>> Hi Ben, >>> >>> My apologies for missing your email in March: >>> >> >> And mine for this delayed response. >> >>> On 12/03/2020 20:42, Ben Schwartz wrote: >>> >>> Section 3 says token-part1 "contains at least 64 bit of entropy", but >>> Section 3.1 says token-part1 "MUST be at least 64 octet long after >>> decoding". Is this difference deliberate? >>> >>> No, I obviously made a typo when saying octets. I will fix. >>> >> Fixed. >> >> Also 64 octets of entropy is a _lot_. RFC 8555 says "the token is >>> required to contain at least 128 bits of entropy". >>> >>> The draft seems to be oriented entirely toward use with e-mail clients >>> that have a built-in ACME-S/MIME client. I'm a bit disappointed that the >>> draft doesn't accommodate users with "naive" email clients very well, e.g. >>> by allowing customized subject lines. >>> >>> Actually, I was trying to accommodate naive email clients, but it was a >>> fine balance trying to specify minimal requirements. >>> >>> Can you suggest some specific text to change and then we can discuss >>> whether or not it should be done? My thinking about the Subject header >>> field was that I wanted to have a unique subject (so that ACME email >>> messages are easily findable). I also wanted to allow the token in the >>> subject for APIs that can easily access Subject and not other header fields. >>> >> In that case, I would suggest "... subject ending with "(ACME: >> <token-part1>)", where ...". That would allow the first part of the >> subject (most likely to be seen by a human) to be human-readable. >> >> After thinking a bit more about this: >> >> As ACME servers are generating ACME challenge emails, the requirement on >> them is stricter (they create the first message in an email thread). I am >> tempted to leave this as is. Can you think of a case where ACME servers >> would be unable to comply with this restriction? >> > My concern is that users will not know what to do if they receive an email > whose subject line is "ACME: awlkNSdpijawrfz...". Users are used to seeing > emails whose subject line is "Please verify your email address" or "Confirm > your email". (My inbox is full of them.) I see no reason to disallow that > here. > > Mandating that the subject line be non-human-readable seems like an > unnecessary barrier to adoption. > Are you expecting humans to be the primary interaction point? It almost seems that ensuring human unfriendliness is a feature, not a bug, towards the goal of automation. This structure seems especially important if it has a chance to be adopted by publicly trusted CAs. One of the big concerns with existing validation approaches is bodies that are rich-text with links used for approval, and for which anti-spam or scanning engines inspect (“click”) and cause improper authorizations. The more structure, the better, towards preventing accidental authorizations. ACME responses already allow arbitrary prefix to accommodate naive clients. >> >> Similarly, for Section 3.2. Point 6, I would relax the requirement to >> state that this block must appear somewhere in the body. That way, if the >> user sees the response message, it can provide some explanation of what is >> going on. >> >> Good idea. Changed. >> >> For Section 3.1 Point 5, I don't understand why the body is restricted to >> text/plain. In particular, I think hyperlinks to explanations and >> instructions are likely to be helpful. I also wonder whether support for >> multipart/multilingual could be useful. >> >> The body is irrelevant to ACME-aware clients, so it seems like there >> could be a lot of freedom in how this is constructed. >> >> This is true for the challenge email. >> > Yes, that's what I was referring to. > >> There is a requirement on S/MIME (if used) to provide header protection, >> but I agree that otherwise the body structure can be pretty flexible. >> >> Most email clients automatically convert HTTPS URLs to hyperlinks, which >> should make the silly schemes I'm imagining possible, but not very >> attractive, for ordinary users. >> >>> Best Regards, >>> >>> Alexey >>> >>> I assume this is deliberate, perhaps because of a desire to use >>> short-TTL S/MIME certificates that would be impractical to provision >>> manually, but the draft doesn't mention a rationale. >>> >>> On Thu, Mar 12, 2020 at 2:52 PM Salz, Rich <rsalz= >>> 40akamai.com@dmarc.ietf..org <40akamai.com@dmarc..ietf.org>> wrote: >>> >>>> This mail begins a one-week working group last call on >>>> https://datatracker.ietf.org/doc/draft-ietf-acme-email-smime/?include_text=1 >>>> >>>> >>>> >>>> If you have comments or issues, please post here. >>>> >>>> >>>> >>>> If anyone wants to be a document shepherd, please contact the chairs. >>>> >>> Best Regards, >> >> Alexey >> >> >> _______________________________________________ > Acme mailing list > Acme@ietf.org > https://www.ietf.org/mailman/listinfo/acme >
- [Acme] WG last call for draft-ietf-acme-email-smi… Salz, Rich
- Re: [Acme] WG last call for draft-ietf-acme-email… Ben Schwartz
- Re: [Acme] WG last call for draft-ietf-acme-email… Salz, Rich
- Re: [Acme] WG last call for draft-ietf-acme-email… Ryan Sleevi
- Re: [Acme] WG last call for draft-ietf-acme-email… A. Schulze
- Re: [Acme] WG last call for draft-ietf-acme-email… Salz, Rich
- Re: [Acme] WG last call for draft-ietf-acme-email… Alexey Melnikov
- Re: [Acme] WG last call for draft-ietf-acme-email… Ben Schwartz
- Re: [Acme] WG last call for draft-ietf-acme-email… Alexey Melnikov
- Re: [Acme] WG last call for draft-ietf-acme-email… Ben Schwartz
- Re: [Acme] WG last call for draft-ietf-acme-email… Ryan Sleevi
- Re: [Acme] WG last call for draft-ietf-acme-email… Ben Schwartz
- Re: [Acme] WG last call for draft-ietf-acme-email… Alexey Melnikov
- Re: [Acme] WG last call for draft-ietf-acme-email… Alexey Melnikov
- Re: [Acme] WG last call for draft-ietf-acme-email… Salz, Rich